SHA1 Hash Algorithm - Version 1.0

This document provides an overview of the Secure
Hashing Algorithm, and details how a SHA1 digest is
encoded in a DSig 1.0 Resource
Reference Information Extension, providing the digest of a referenced
web resource.

The Secure Hash Algorithm (SHA), developed by NIST, along with the NSA, for use with
the Digital Signature Standard (DSS) is specified within the Secure Hash Standard (SHS)
[National Institute of Standards and Technology (NIST). FIPS Publication 180: Secure Hash
Standard (SHS). May 1993.]. SHA-1 [National Institute of Standards and Technology (NIST).
Announcement of Weakness in the Secure Hash Standard. May 1994.] was a revision to SHA
that was published in 1994. The revision corrected an unpublished flaw in SHA.

SHA is a cryptographic message digest algorithm (see RSA FAQ Q94: What is a Hash Function?)
similar to the MD4 family of hash functions developed by Rivest (see RSA FAQ, Question 99). It
differs in that it adds an additional expansion operation, an extra round and the whole
transformation was designed to accomodate the DSS block size for efficiency.

The Secure Hash Algorithm takes a message of less than 264bits in
length and produces a 160-bit message digest which is designed so that it should be
computationaly expensive to find a text which matches a given hash. ie if you have a hash
for document A, H(A), it is difficult to find a document B which has the same hash, and
even more difficult to arrange that document B says what you want it to say.

All values are encoded using the standard base-64 representation of a byte-array
containing the two's-complement representation of the value to encode. The first byte in
this array is the high-order byte. The minimal number of bytes necessary is used to
represent a certain value, so no leading zero-bytes are allowed.

The BNF below shows how a SHA1 digest is encoded in a Resource Reference Information
Extension.

resinfo-data ::='(' HashAlgoURL resource-hash hash-date*1 ')'
HashAlgoURL ::='"http://www.w3.org/TR/1998/REC-DSig-label/SHA1-1_0"'
resource-hash ::= '"base64-string encoding of 160 bit SHA1 message
digest of the information resource."'
hash-date ::= quoted-ISO-date
quoted-ISO-date ::= '"'YYYY'.'MM'.'DD'T'hh':'mmStz'"'
based on the ISO 8601:1988 date and time standard, restricted
to the specific form described here:
YYYY ::= four-digit year
MM ::= two-digit month (01=January, etc.)
DD ::= two-digit day of month (01 through 31)
hh ::= two digits of hour (00 through 23) (am/pm NOT allowed)
mm ::= two digits of minute (00 through 59)
S ::= sign of time zone offset from UTC ('+' or '-')
tz ::= four digit amount of offset from UTC
(e.g., 1512 means 15 hours and 12 minutes)
For example, "1994.11.05T08:15-0500" is a valid quoted-ISO-date
denoting November 5, 1994, 8:15 am, US Eastern Standard Time
Note: The ISO standard allows considerably greater
flexibility than that described here. PICS requires precisely
the syntax described here -- neither the time nor the time zone may
be omitted, none of the alternate formats are permitted, and
the punctuation must be as specified here.
base64-string ::=as defined in RFC-1521.

hash-date is optional. There may be zero or one dates included here at
the signer's behest.

The following example shows a valid DSig 1.0 SHA1 resinfo
extension with two SHA1 hashes of the referenced information resource. The first without a
date, the second with a date.